Synopsis: Important: poppler security update
Issue date: 2008-04-17
CVE Names: CVE-2008-1693
Kees Cook discovered a flaw in the way poppler displayed malformed fonts
embedded in PDF files. An attacker could create a malicious PDF file that
would cause applications that use poppler -- such as Evince -- to crash,
or, potentially, execute arbitrary code when opened. (CVE-2008-1693)
SL 5.x
SRPMS:
poppler-0.5.4-4.4.el5_1.src.rpm
i386:
poppler-0.5.4-4.4.el5_1.i386.rpm
poppler-devel-0.5.4-4.4.el5_1.i386.rpm
poppler-utils-0.5.4-4.4.el5_1.i386.rpm
x86_64:
poppler-0.5.4-4.4.el5_1.i386.rpm
poppler-0.5.4-4.4.el5_1.x86_64.rpm
poppler-devel-0.5.4-4.4.el5_1.i386.rpm
poppler-devel-0.5.4-4.4.el5_1.x86_64.rpm
poppler-utils-0.5.4-4.4.el5_1.x86_64.rpm
-Connie Sieh
-Troy Dawson